yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix potential integer overflow parsing DER CRT

Browse source 
This patch prevents a potential signed integer overflow during the
certificate version verification checks.
This commit is contained in:
Andres AG 2017-03-09 16:16:11 +00:00 committed by Simon Butcher
parent ce49a25033
commit 6b171e4aec
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog
View file

@ -237,6 +237,9 @@ Bugfix
digits. Found and fixed by Guido Vranken. digits. Found and fixed by Guido Vranken.
* Fix unlisted DES configuration dependency in some pkparse test cases. Found * Fix unlisted DES configuration dependency in some pkparse test cases. Found
by inestlerode. #555 by inestlerode. #555
* Fix a potential integer overflow in the version verification for DER
encoded X509 certificates. The overflow would enable maliciously
constructed certificates to bypass the certificate verification check.
= mbed TLS 2.4.1 branch released 2016-12-13 = mbed TLS 2.4.1 branch released 2016-12-13